Social-Engineer Toolkit v3.0 Codename “#WeThrowBaseballs” Released

The mad hugger, Dave Kennedy (ReL1K) has been at it again. As if the Social Engineering Toolkit was not already one of the top security tools, Dave has been hard at work making it even better. Adding a slew of new features and updates.

Here is a list of the top new features:

1. Support for Windows – Tested on XP, Windows 7, and Windows Vista. Note that the Metasploit-based payloads to not work yet – when SET detects Windows they will not be shown only RATTE and SET Shell

2. New attack vector added – QRCode Attack – Generates QRCodes that you can direct to SET and perform attacks like the credential harvester and Java Applet attacks

3. Improved A/V avoidance on the SETShell and better performance. I’ve also fixed the non-encrypted communications when AES was not installed

4. Added a number of improvements and enhancements to all aspects of SET including major rehauls of the coding population and moved from things like subprocess.Popen(“mv etc.”) to shutil.copyfile(“etc”)